CVE-2018-18789
The CVE-2018-18789 entry affects ZZCMS v8.3, where SQL injection exists in zt/top.php via a crafted Host HTTP header to zt/news.php. Connected sources (CNVD-2018-26016) state that this allows a remote attacker to obtain the current MySQL user, aligning with the NVD CVSS vectors (high impact acros...